0 follower

CDbAuthManager

Package system.web.auth
Inheritance class CDbAuthManager » CAuthManager » CApplicationComponent » CComponent
Implements IAuthManager, IApplicationComponent
Since 1.0
Version $Id$
Source Code framework/web/auth/CDbAuthManager.php
CDbAuthManager represents an authorization manager that stores authorization information in database.

The database connection is specified by connectionID. And the database schema should be as described in "framework/web/auth/schema.sql". You may change the names of the three tables used to store the authorization data by setting itemTable, itemChildTable and assignmentTable.

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
assignmentTable string the name of the table storing authorization item assignments. CDbAuthManager
authItems array Returns the authorization items of the specific type and user. CDbAuthManager
behaviors array the behaviors that should be attached to this component. CApplicationComponent
connectionID string the ID of the CDbConnection application component. CDbAuthManager
db CDbConnection the database connection. CDbAuthManager
defaultRoles array list of role names that are assigned to all users implicitly. CAuthManager
isInitialized boolean whether this application component has been initialized (i.e., init() is invoked. CApplicationComponent
itemChildTable string the name of the table storing authorization item hierarchy. CDbAuthManager
itemTable string the name of the table storing authorization items. CDbAuthManager
operations array Returns operations. CAuthManager
roles array Returns roles. CAuthManager
tasks array Returns tasks. CAuthManager

Protected Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
dbConnection CDbConnection the DB connection instance CDbAuthManager

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. CComponent
__destruct() Destructor. CDbAuthManager
__get() Returns a property value, an event handler list or a behavior based on its name. CComponent
__isset() Checks if a property value is null. CComponent
__set() Sets value of a component property. CComponent
__unset() Sets a component property to be null. CComponent
addItemChild() Adds an item as a child of another item. CDbAuthManager
asa() Returns the named behavior object. CComponent
assign() Assigns an authorization item to a user. CDbAuthManager
attachBehavior() Attaches a behavior to this component. CComponent
attachBehaviors() Attaches a list of behaviors to the component. CComponent
attachEventHandler() Attaches an event handler to an event. CComponent
canGetProperty() Determines whether a property can be read. CComponent
canSetProperty() Determines whether a property can be set. CComponent
checkAccess() Performs access check for the specified user. CDbAuthManager
clearAll() Removes all authorization data. CDbAuthManager
clearAuthAssignments() Removes all authorization assignments. CDbAuthManager
createAuthItem() Creates an authorization item. CDbAuthManager
createOperation() Creates an operation. CAuthManager
createRole() Creates a role. CAuthManager
createTask() Creates a task. CAuthManager
detachBehavior() Detaches a behavior from the component. CComponent
detachBehaviors() Detaches all behaviors from the component. CComponent
detachEventHandler() Detaches an existing event handler. CComponent
disableBehavior() Disables an attached behavior. CComponent
disableBehaviors() Disables all behaviors attached to this component. CComponent
enableBehavior() Enables an attached behavior. CComponent
enableBehaviors() Enables all behaviors attached to this component. CComponent
executeBizRule() Executes the specified business rule. CAuthManager
getAuthAssignment() Returns the item assignment information. CDbAuthManager
getAuthAssignments() Returns the item assignments for the specified user. CDbAuthManager
getAuthItem() Returns the authorization item with the specified name. CDbAuthManager
getAuthItems() Returns the authorization items of the specific type and user. CDbAuthManager
getEventHandlers() Returns the list of attached event handlers for an event. CComponent
getIsInitialized() Checks whether this application component has been initialized (i.e., init() is invoked.) CApplicationComponent
getItemChildren() Returns the children of the specified item. CDbAuthManager
getOperations() Returns operations. CAuthManager
getRoles() Returns roles. CAuthManager
getTasks() Returns tasks. CAuthManager
hasEvent() Determines whether an event is defined. CComponent
hasEventHandler() Checks whether the named event has attached handlers. CComponent
hasItemChild() Returns a value indicating whether a child exists within a parent. CDbAuthManager
hasProperty() Determines whether a property is defined. CComponent
init() Initializes the application component. CDbAuthManager
isAssigned() Returns a value indicating whether the item has been assigned to the user. CDbAuthManager
raiseEvent() Raises an event. CComponent
removeAuthItem() Removes the specified authorization item. CDbAuthManager
removeItemChild() Removes a child from its parent. CDbAuthManager
revoke() Revokes an authorization assignment from a user. CDbAuthManager
save() Saves the authorization data to persistent storage. CDbAuthManager
saveAuthAssignment() Saves the changes to an authorization assignment. CDbAuthManager
saveAuthItem() Saves an authorization item to persistent storage. CDbAuthManager

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
checkDefaultRoles() Checks the access based on the default roles as declared in defaultRoles. CDbAuthManager
checkItemChildType() Checks the item types to make sure a child can be added to a parent. CAuthManager
detectLoop() Checks whether there is a loop in the authorization item hierarchy. CDbAuthManager
getDbConnection() Returns the DB connection instance CDbAuthManager
usingSqlite() CDbAuthManager

Property Details

assignmentTable property
public string $assignmentTable;

the name of the table storing authorization item assignments. Defaults to 'AuthAssignment'.

authItems property read-only
public array getAuthItems(integer $type=NULL, mixed $userId=NULL)

Returns the authorization items of the specific type and user.

connectionID property
public string $connectionID;

the ID of the CDbConnection application component. Defaults to 'db'. The database must have the tables as declared in "framework/web/auth/schema.sql".

db property
public CDbConnection $db;

the database connection. By default, this is initialized automatically as the application component whose ID is indicated as connectionID.

dbConnection property read-only

the DB connection instance

itemChildTable property
public string $itemChildTable;

the name of the table storing authorization item hierarchy. Defaults to 'AuthItemChild'.

itemTable property
public string $itemTable;

the name of the table storing authorization items. Defaults to 'AuthItem'.

Method Details

__destruct() method
public void __destruct()
Source Code: framework/web/auth/CDbAuthManager.php#55 (show)
public function __destruct()
{
    if(
$this->db!==null)
        
$this->db->setActive(false);
}

Destructor. Disconnect the db connection.

addItemChild() method
public void addItemChild(string $itemName, string $childName)
$itemName string the parent item name
$childName string the child item name
Source Code: framework/web/auth/CDbAuthManager.php#168 (show)
public function addItemChild($itemName,$childName)
{
    if(
$itemName===$childName)
        throw new 
CException(Yii::t('yii','Cannot add "{name}" as a child of itself.',
                array(
'{name}'=>$itemName)));
    
$sql="SELECT * FROM {$this->itemTable} WHERE name=:name1 OR name=:name2";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':name1',$itemName);
    
$command->bindValue(':name2',$childName);
    
$rows=$command->queryAll();
    if(
count($rows)==2)
    {
        static 
$types=array('operation','task','role');
        if(
$rows[0]['name']===$itemName)
        {
            
$parentType=$rows[0]['type'];
            
$childType=$rows[1]['type'];
        }
        else
        {
            
$childType=$rows[0]['type'];
            
$parentType=$rows[1]['type'];
        }
        
$this->checkItemChildType($parentType,$childType);
        if(
$this->detectLoop($itemName,$childName))
            throw new 
CException(Yii::t('yii','Cannot add "{child}" as a child of "{name}". A loop has been detected.',
                array(
'{child}'=>$childName,'{name}'=>$itemName)));

        
$sql="INSERT INTO {$this->itemChildTable} (parent,child) VALUES (:parent,:child)";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':parent',$itemName);
        
$command->bindValue(':child',$childName);
        
$command->execute();
    }
    else
        throw new 
CException(Yii::t('yii','Either "{parent}" or "{child}" does not exist.',array('{child}'=>$childName,'{parent}'=>$itemName)));
}

Adds an item as a child of another item.

assign() method
public CAuthAssignment assign(string $itemName, mixed $userId, string $bizRule=NULL, mixed $data=NULL)
$itemName string the item name
$userId mixed the user ID (see IWebUser::getId)
$bizRule string the business rule to be executed when checkAccess is called for this particular authorization item.
$data mixed additional data associated with this assignment
{return} CAuthAssignment the authorization assignment information.
Source Code: framework/web/auth/CDbAuthManager.php#270 (show)
public function assign($itemName,$userId,$bizRule=null,$data=null)
{
    if(
$this->usingSqlite() && $this->getAuthItem($itemName)===null)
        throw new 
CException(Yii::t('yii','The item "{name}" does not exist.',array('{name}'=>$itemName)));

    
$sql="INSERT INTO {$this->assignmentTable} (itemname,userid,bizrule,data) VALUES (:itemname,:userid,:bizrule,:data)";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':itemname',$itemName);
    
$command->bindValue(':userid',$userId);
    
$command->bindValue(':bizrule',$bizRule);
    
$command->bindValue(':data',serialize($data));
    
$command->execute();
    return new 
CAuthAssignment($this,$itemName,$userId,$bizRule,$data);
}

Assigns an authorization item to a user.

checkAccess() method
public boolean checkAccess(string $itemName, mixed $userId, array $params=array ( ))
$itemName string the name of the operation that need access check
$userId mixed the user ID. This should can be either an integer and a string representing the unique identifier of a user. See IWebUser::getId.
$params array name-value pairs that would be passed to biz rules associated with the tasks and roles assigned to the user.
{return} boolean whether the operations can be performed by the user.
Source Code: framework/web/auth/CDbAuthManager.php#82 (show)
public function checkAccess($itemName,$userId,$params=array())
{
    if(!empty(
$this->defaultRoles) && $this->checkDefaultRoles($itemName,$params))
        return 
true;

    
$sql="SELECT name, type, description, t1.bizrule, t1.data, t2.bizrule AS bizrule2, t2.data AS data2 FROM {$this->itemTable} t1, {$this->assignmentTable} t2 WHERE name=itemname AND userid=:userid";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':userid',$userId);

    
// check directly assigned items
    
$names=array();
    foreach(
$command->queryAll() as $row)
    {
        
Yii::trace('Checking permission "'.$row['name'].'"','system.web.auth.CDbAuthManager');            
        if(
$this->executeBizRule($row['bizrule2'],$params,unserialize($row['data2']))
            && 
$this->executeBizRule($row['bizrule'],$params,unserialize($row['data'])))
        {
            if(
$row['name']===$itemName)
                return 
true;
            
$names[]=$row['name'];
        }
    }

    
// check all descendant items
    
while($names!==array())
    {
        
$items=$this->getItemChildren($names);
        
$names=array();
        foreach(
$items as $item)
        {
            
Yii::trace('Checking permission "'.$item->getName().'"','system.web.auth.CDbAuthManager');            
            if(
$this->executeBizRule($item->getBizRule(),$params,$item->getData()))
            {
                if(
$item->getName()===$itemName)
                    return 
true;
                
$names[]=$item->getName();
            }
        }
    }

    return 
false;
}

Performs access check for the specified user.

checkDefaultRoles() method (available since v1.0.3)
protected boolean checkDefaultRoles(string $itemName, array $params)
$itemName string the name of the operation that need access check
$params array name-value pairs that would be passed to biz rules associated with the tasks and roles assigned to the user.
{return} boolean whether the operations can be performed by the user according to the default roles.
Source Code: framework/web/auth/CDbAuthManager.php#134 (show)
protected function checkDefaultRoles($itemName,$params)
{
    
$names=array();
    foreach(
$this->defaultRoles as $role)
    {
        if(
is_string($role))
            
$names[]=$this->db->quoteValue($role);
        else
            
$names[]=$role;
    }
    if(
count($names)<4)
        
$condition='name='.implode(' OR name=',$names);
    else
        
$condition='name IN ('.implode(', ',$names).')';
    
$sql="SELECT name, type, description, bizrule, data FROM {$this->itemTable} WHERE $condition";
    
$command=$this->db->createCommand($sql);
    
$rows=$command->queryAll();

    foreach(
$rows as $row)
    {
        
Yii::trace('Checking default role "'.$row['name'].'"','system.web.auth.CDbAuthManager');            
        
$item=new CAuthItem($this,$row['name'],$row['type'],$row['description'],$row['bizrule'],unserialize($row['data']));
        if(
$item->checkAccess($itemName,$params))
            return 
true;
    }
    return 
false;
}

Checks the access based on the default roles as declared in defaultRoles.

clearAll() method
public void clearAll()
Source Code: framework/web/auth/CDbAuthManager.php#529 (show)
public function clearAll()
{
    
$this->clearAuthAssignments();
    
$this->db->createCommand("DELETE FROM {$this->itemChildTable}")->execute();
    
$this->db->createCommand("DELETE FROM {$this->itemTable}")->execute();
}

Removes all authorization data.

clearAuthAssignments() method
public void clearAuthAssignments()
Source Code: framework/web/auth/CDbAuthManager.php#539 (show)
public function clearAuthAssignments()
{
    
$this->db->createCommand("DELETE FROM {$this->assignmentTable}")->execute();
}

Removes all authorization assignments.

createAuthItem() method
public CAuthItem createAuthItem(string $name, integer $type, string $description='', string $bizRule=NULL, mixed $data=NULL)
$name string the item name. This must be a unique identifier.
$type integer the item type (0: operation, 1: task, 2: role).
$description string description of the item
$bizRule string business rule associated with the item. This is a piece of PHP code that will be executed when checkAccess is called for the item.
$data mixed additional data associated with the item.
{return} CAuthItem the authorization item
Source Code: framework/web/auth/CDbAuthManager.php#425 (show)
public function createAuthItem($name,$type,$description='',$bizRule=null,$data=null)
{
    
$sql="INSERT INTO {$this->itemTable} (name,type,description,bizrule,data) VALUES (:name,:type,:description,:bizrule,:data)";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':type',$type);
    
$command->bindValue(':name',$name);
    
$command->bindValue(':description',$description);
    
$command->bindValue(':bizrule',$bizRule);
    
$command->bindValue(':data',serialize($data));
    
$command->execute();
    return new 
CAuthItem($this,$name,$type,$description,$bizRule,$data);
}

Creates an authorization item. An authorization item represents an action permission (e.g. creating a post). It has three types: operation, task and role. Authorization items form a hierarchy. Higher level items inheirt permissions representing by lower level items.

detectLoop() method
protected boolean detectLoop(string $itemName, string $childName)
$itemName string parent item name
$childName string the name of the child item that is to be added to the hierarchy
{return} boolean whether a loop exists
Source Code: framework/web/auth/CDbAuthManager.php#550 (show)
protected function detectLoop($itemName,$childName)
{
    if(
$childName===$itemName)
        return 
true;
    foreach(
$this->getItemChildren($childName) as $child)
    {
        if(
$this->detectLoop($itemName,$child->getName()))
            return 
true;
    }
    return 
false;
}

Checks whether there is a loop in the authorization item hierarchy.

getAuthAssignment() method
public CAuthAssignment getAuthAssignment(string $itemName, mixed $userId)
$itemName string the item name
$userId mixed the user ID (see IWebUser::getId)
{return} CAuthAssignment the item assignment information. Null is returned if the item is not assigned to the user.
Source Code: framework/web/auth/CDbAuthManager.php#322 (show)
public function getAuthAssignment($itemName,$userId)
{
    
$sql="SELECT * FROM {$this->assignmentTable} WHERE itemname=:itemname AND userid=:userid";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':itemname',$itemName);
    
$command->bindValue(':userid',$userId);
    if((
$row=$command->queryRow($sql))!==false)
        return new 
CAuthAssignment($this,$row['itemname'],$row['userid'],$row['bizrule'],unserialize($row['data']));
    else
        return 
null;
}

Returns the item assignment information.

getAuthAssignments() method
public array getAuthAssignments(mixed $userId)
$userId mixed the user ID (see IWebUser::getId)
{return} array the item assignment information for the user. An empty array will be returned if there is no item assigned to the user.
Source Code: framework/web/auth/CDbAuthManager.php#340 (show)
public function getAuthAssignments($userId)
{
    
$sql="SELECT * FROM {$this->assignmentTable} WHERE userid=:userid";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':userid',$userId);
    
$assignments=array();
    foreach(
$command->queryAll($sql) as $row)
        
$assignments[$row['itemname']]=new CAuthAssignment($this,$row['itemname'],$row['userid'],$row['bizrule'],unserialize($row['data']));
    return 
$assignments;
}

Returns the item assignments for the specified user.

getAuthItem() method
public CAuthItem getAuthItem(string $name)
$name string the name of the item
{return} CAuthItem the authorization item. Null if the item cannot be found.
Source Code: framework/web/auth/CDbAuthManager.php#471 (show)
public function getAuthItem($name)
{
    
$sql="SELECT * FROM {$this->itemTable} WHERE name=:name";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':name',$name);
    if((
$row=$command->queryRow())!==false)
        return new 
CAuthItem($this,$row['name'],$row['type'],$row['description'],$row['bizrule'],unserialize($row['data']));
    else
        return 
null;
}

Returns the authorization item with the specified name.

getAuthItems() method
public array getAuthItems(integer $type=NULL, mixed $userId=NULL)
$type integer the item type (0: operation, 1: task, 2: role). Defaults to null, meaning returning all items regardless of their type.
$userId mixed the user ID. Defaults to null, meaning returning all items even if they are not assigned to a user.
{return} array the authorization items of the specific type.
Source Code: framework/web/auth/CDbAuthManager.php#374 (show)
public function getAuthItems($type=null,$userId=null)
{
    if(
$type===null && $userId===null)
    {
        
$sql="SELECT * FROM {$this->itemTable}";
        
$command=$this->db->createCommand($sql);
    }
    else if(
$userId===null)
    {
        
$sql="SELECT * FROM {$this->itemTable} WHERE type=:type";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':type',$type);
    }
    else if(
$type===null)
    {
        
$sql="SELECT name,type,description,t1.bizrule,t1.data
            FROM 
{$this->itemTable} t1, {$this->assignmentTable} t2
            WHERE name=itemname AND userid=:userid"
;
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':userid',$userId);
    }
    else
    {
        
$sql="SELECT name,type,description,t1.bizrule,t1.data
            FROM 
{$this->itemTable} t1, {$this->assignmentTable} t2
            WHERE name=itemname AND type=:type AND userid=:userid"
;
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':type',$type);
        
$command->bindValue(':userid',$userId);
    }
    
$items=array();
    foreach(
$command->queryAll() as $row)
        
$items[$row['name']]=new CAuthItem($this,$row['name'],$row['type'],$row['description'],$row['bizrule'],unserialize($row['data']));
    return 
$items;
}

Returns the authorization items of the specific type and user.

getDbConnection() method
protected CDbConnection getDbConnection()
{return} CDbConnection the DB connection instance
Source Code: framework/web/auth/CDbAuthManager.php#566 (show)
protected function getDbConnection()
{
    if(
$this->db!==null)
        return 
$this->db;
    else if((
$this->db=Yii::app()->getComponent($this->connectionID)) instanceof CDbConnection)
        return 
$this->db;
    else
        throw new 
CException(Yii::t('yii','CDbAuthManager.connectionID "{id}" is invalid. Please make sure it refers to the ID of a CDbConnection application component.',
            array(
'{id}'=>$this->connectionID)));
}

getItemChildren() method
public array getItemChildren(mixed $names)
$names mixed the parent item name. This can be either a string or an array. The latter represents a list of item names (available since version 1.0.5).
{return} array all child items of the parent
Source Code: framework/web/auth/CDbAuthManager.php#243 (show)
public function getItemChildren($names)
{
    if(
is_string($names))
        
$condition='parent='.$this->db->quoteValue($names);
    else if(
is_array($names) && $names!==array())
    {
        foreach(
$names as &$name)
            
$name=$this->db->quoteValue($name);
        
$condition='parent IN ('.implode(', ',$names).')';
    }
    
$sql="SELECT name, type, description, bizrule, data FROM {$this->itemTable}{$this->itemChildTable} WHERE $condition AND name=child";
    
$children=array();
    foreach(
$this->db->createCommand($sql)->queryAll() as $row)
        
$children[$row['name']]=new CAuthItem($this,$row['name'],$row['type'],$row['description'],$row['bizrule'],unserialize($row['data']));
    return 
$children;
}

Returns the children of the specified item.

hasItemChild() method
public boolean hasItemChild(string $itemName, string $childName)
$itemName string the parent item name
$childName string the child item name
{return} boolean whether the child exists
Source Code: framework/web/auth/CDbAuthManager.php#228 (show)
public function hasItemChild($itemName,$childName)
{
    
$sql="SELECT parent FROM {$this->itemChildTable} WHERE parent=:parent AND child=:child";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':parent',$itemName);
    
$command->bindValue(':child',$childName);
    return 
$command->queryScalar()!==false;
}

Returns a value indicating whether a child exists within a parent.

init() method
public void init()
Source Code: framework/web/auth/CDbAuthManager.php#65 (show)
public function init()
{
    
parent::init();

    
$this->getDbConnection()->setActive(true);
    
$this->_usingSqlite=!strncmp($this->getDbConnection()->getDriverName(),'sqlite',6);
}

Initializes the application component. This method overrides the parent implementation by establishing the database connection.

isAssigned() method
public boolean isAssigned(string $itemName, mixed $userId)
$itemName string the item name
$userId mixed the user ID (see IWebUser::getId)
{return} boolean whether the item has been assigned to the user.
Source Code: framework/web/auth/CDbAuthManager.php#306 (show)
public function isAssigned($itemName,$userId)
{
    
$sql="SELECT itemname FROM {$this->assignmentTable} WHERE itemname=:itemname AND userid=:userid";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':itemname',$itemName);
    
$command->bindValue(':userid',$userId);
    return 
$command->queryScalar()!==false;
}

Returns a value indicating whether the item has been assigned to the user.

removeAuthItem() method
public boolean removeAuthItem(string $name)
$name string the name of the item to be removed
{return} boolean whether the item exists in the storage and has been removed
Source Code: framework/web/auth/CDbAuthManager.php#443 (show)
public function removeAuthItem($name)
{
    if(
$this->usingSqlite())
    {
        
$sql="DELETE FROM {$this->itemChildTable} WHERE parent=:name1 OR child=:name2";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':name1',$name);
        
$command->bindValue(':name2',$name);
        
$command->execute();

        
$sql="DELETE FROM {$this->assignmentTable} WHERE itemname=:name";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':name',$name);
        
$command->execute();
    }

    
$sql="DELETE FROM {$this->itemTable} WHERE name=:name";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':name',$name);

    return 
$command->execute()>0;
}

Removes the specified authorization item.

removeItemChild() method
public boolean removeItemChild(string $itemName, string $childName)
$itemName string the parent item name
$childName string the child item name
{return} boolean whether the removal is successful
Source Code: framework/web/auth/CDbAuthManager.php#213 (show)
public function removeItemChild($itemName,$childName)
{
    
$sql="DELETE FROM {$this->itemChildTable} WHERE parent=:parent AND child=:child";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':parent',$itemName);
    
$command->bindValue(':child',$childName);
    return 
$command->execute()>0;
}

Removes a child from its parent. Note, the child item is not deleted. Only the parent-child relationship is removed.

revoke() method
public boolean revoke(string $itemName, mixed $userId)
$itemName string the item name
$userId mixed the user ID (see IWebUser::getId)
{return} boolean whether removal is successful
Source Code: framework/web/auth/CDbAuthManager.php#291 (show)
public function revoke($itemName,$userId)
{
    
$sql="DELETE FROM {$this->assignmentTable} WHERE itemname=:itemname AND userid=:userid";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':itemname',$itemName);
    
$command->bindValue(':userid',$userId);
    return 
$command->execute()>0;
}

Revokes an authorization assignment from a user.

save() method
public void save()
Source Code: framework/web/auth/CDbAuthManager.php#522 (show)
public function save()
{
}

Saves the authorization data to persistent storage.

saveAuthAssignment() method
public void saveAuthAssignment(CAuthAssignment $assignment)
$assignment CAuthAssignment the assignment that has been changed.
Source Code: framework/web/auth/CDbAuthManager.php#355 (show)
public function saveAuthAssignment($assignment)
{
    
$sql="UPDATE {$this->assignmentTable} SET bizrule=:bizrule, data=:data WHERE itemname=:itemname AND userid=:userid";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':bizrule',$assignment->getBizRule());
    
$command->bindValue(':data',serialize($assignment->getData()));
    
$command->bindValue(':itemname',$assignment->getItemName());
    
$command->bindValue(':userid',$assignment->getUserId());
    
$command->execute();
}

Saves the changes to an authorization assignment.

saveAuthItem() method
public void saveAuthItem(CAuthItem $item, string $oldName=NULL)
$item CAuthItem the item to be saved.
$oldName string the old item name. If null, it means the item name is not changed.
Source Code: framework/web/auth/CDbAuthManager.php#487 (show)
public function saveAuthItem($item,$oldName=null)
{
    if(
$this->usingSqlite() && $oldName!==null && $item->getName()!==$oldName)
    {
        
$sql="UPDATE {$this->itemChildTable} SET parent=:newName WHERE parent=:name";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':name',$oldName);
        
$command->bindValue(':newName',$item->getName());
        
$command->execute();
        
$sql="UPDATE {$this->itemChildTable} SET child=:newName WHERE child=:name";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':name',$oldName);
        
$command->bindValue(':newName',$item->getName());
        
$command->execute();
        
$sql="UPDATE {$this->assignmentTable} SET itemname=:newName WHERE itemname=:name";
        
$command=$this->db->createCommand($sql);
        
$command->bindValue(':name',$oldName);
        
$command->bindValue(':newName',$item->getName());
        
$command->execute();
    }

    
$sql="UPDATE {$this->itemTable} SET name=:newName, type=:type, description=:description, bizrule=:bizrule, data=:data WHERE name=:name";
    
$command=$this->db->createCommand($sql);
    
$command->bindValue(':type',$item->getType());
    
$command->bindValue(':name',$oldName===null?$item->getName():$oldName);
    
$command->bindValue(':newName',$item->getName());
    
$command->bindValue(':description',$item->getDescription());
    
$command->bindValue(':bizrule',$item->getBizRule());
    
$command->bindValue(':data',serialize($item->getData()));
    
$command->execute();
}

Saves an authorization item to persistent storage.

usingSqlite() method
protected boolean usingSqlite()
{return} boolean whether the database is a SQLite database
Source Code: framework/web/auth/CDbAuthManager.php#580 (show)
protected function usingSqlite()
{
    return 
$this->_usingSqlite;
}